London Hospitals Were Attacked By Russian Hackers

A parliamentary committee issued a clear warning about the risk of a “catastrophic” ransomware attack months before Russian state -protected  hackers, known as Qilin, struck the National Health Service (NHS). 

Leading London hospitals -Guy's and St Thomas' and King's College - have both been affected by the attack on the pathology services provider Synnovis by the Russian cyber criminal group Qilin

Other London hospitals which have been severely impacted by the attack include the Royal Brompton, and Evelina Children’s Hospital. South London and Maudsley NHS Trust, which provides community and mental health services has also been heavily disrupted.

Qilin shared almost 400GB of private information on their darknet site, something they threatened to do in order to extort money from Synnovis. The result is that these hospitals are running at reduced capacity because of delays to processing vital blood, urine and tissue tests.

The NHS is “particularly vulnerable” and Britain is unprepared for the “high risk” of a major cyber hack,  the parliamentary Joint Committee on National Security Strategy (JCNSS) told the Government.

Russian Hacking Groups

While the syndicate od Russian state-protected hackers is though to comprise more than 100 individual groups, is not under the direct control of the Russian Government. However, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.

According the JCNSS,  the NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”.

Home Office ministers and officials have prioritised policy over the threat of ransomware as a national security risk and the Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Prime Minister's Cabinet Office. “There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said. 

In response to the report, the Government said it was making tackling ransomware a priority in an effort to raise the cyber resilience of the UK, and its critical national infrastructure. It pledged further investment and to work with industry and international partners to pursue criminal groups who conduct attacks.

The British Government claims to have spent over £338m on increasing the resilience of NHS systems to protect it from hacks, and in 2023 launched the UK’s Cyber Strategy to set minimum standards of cyber security to help defend critical infrastructure. NHS England said it had set up a helpline to support people impacted by the attack and it will continue to share updates, but "investigations of this type are complex and take time".

The British National Crime Agency (NCA) which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”. The NCA is also reported to be considering the possibility of taking retaliatory action against Qilin.

DigitalHealth   |     The Record   |    Telegraph   |    inews   |    BBC   |    Guardian   |   Independent   | 

Image: Suraphat Nuea-on

You Might Also Read: 

Russia’s Nation-State Hackers: A Serious Threat To Global Security


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« RCE Vulnerability In OpenSSH Server
Treading A Safe Path - Navigating Hidden Ransomware Risks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

Black Duck Software

Black Duck Software

Black Duck Hub allows organizations to manage open source code security as well as license compliance risks.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

CyRise

CyRise

CyRise is a venture accelerator focused squarely on early stage cyber security startups.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

Orca Security

Orca Security

Orca Security delivers full stack visibility including prioritized alerts to vulnerabilities, compromises, misconfigurations, and more across your entire inventory on all your cloud accounts.

NetNordic Group

NetNordic Group

NetNordic is a Nordic system integrator focusing on solutions and services in the area of networking, smart data centers, cybersecurity, and unified communication.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

Genix Cyber

Genix Cyber

Genix Cyber provides world-class cybersecurity services that protect systems, cloud applications, infrastructure, critical data, and networks from evolving cyber threats.

Sinergi Digital

Sinergi Digital

Sinergi Digital is a business unit of the Metrodata Group with a focus on providing ICT solution to help accelerating digital transformation.

Tundra Managed Solutions

Tundra Managed Solutions

Tundra Managed Solutions is a comprehensive IT services division offering a wide range of managed solutions designed to meet the diverse needs of businesses.